CN115033912A - Block chain-based medical data cross-device anonymous verification method, device and equipment - Google Patents
Block chain-based medical data cross-device anonymous verification method, device and equipment Download PDFInfo
- Publication number
- CN115033912A CN115033912A CN202210419459.XA CN202210419459A CN115033912A CN 115033912 A CN115033912 A CN 115033912A CN 202210419459 A CN202210419459 A CN 202210419459A CN 115033912 A CN115033912 A CN 115033912A
- Authority
- CN
- China
- Prior art keywords
- proxy
- signature
- medical data
- group
- agent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Abstract
The invention provides a block chain-based medical data cross-device anonymous verification method, a device and equipment, which are used for solving the problems of difficult verification and privacy disclosure of medical data in the sharing and transmission process among different intelligent medical devices. The method comprises the following steps: the electronic health records collected by different intelligent medical equipment form medical data reflecting the health condition of a patient; the main body group of the intelligent medical equipment authorizes the agency authority of a certain group member and carries out agency signature on the medical data on behalf of the main body group; the verifier carries out validity verification on the proxy signature, and any intelligent medical equipment main body in the main body group cannot deny the validity of the proxy signature passing verification; and storing the validated medical data in a public blockchain account book in a transaction form. The method can realize the anonymous verification of the multi-device main body in the medical data storage process and improve the safety of the privacy information of the patient.
Description
Technical Field
The invention relates to the technical field of blockchain, in particular to a method, a device and equipment for cross-equipment anonymous verification of medical data based on blockchain.
Background
The group signature scheme is that a group signs the same message, but in order to reduce the complexity of one-by-one signature of group members, only a single group member is required to represent the group to execute signature. The signed message signature has the power of a group signature, and all group members cannot deny the validity of the signature. Meanwhile, the signature behavior executed by which member in the group can not be determined from the message signature, and the anonymity of the signer is effectively ensured. The group signature is more suitable for solving the problem that the medical data multi-device main body is difficult to verify, the legal verification of the medical data by the multi-device main body can be realized, and the privacy protection effect is achieved by hiding the information of the signer.
Disclosure of Invention
Aiming at the problems of difficult verification and privacy disclosure of medical data in the sharing and transmitting process of different intelligent medical devices, the invention provides a medical data anonymous verification method, a device and equipment based on a block chain. Meanwhile, the medical data containing the legal agent signature cannot be denied by members in the equipment main body group, so that reliable guarantee is provided for the safety of the medical data and sensitive information; in addition, medical data and operation records are recorded on a public block chain account book, and the problems of accidental loss and tampering of the medical data are effectively solved.
The technical scheme of the invention is realized as follows:
a block chain-based medical data cross-device anonymous verification method comprises the following steps:
s100, forming medical data reflecting the health condition of a patient by using electronic health records acquired by different intelligent medical equipment;
s200, authorizing the proxy authority of a group member by a main body group of the intelligent medical equipment, and carrying out proxy signature on the medical data on behalf of the main body group;
s300, a verifier carries out validity verification on the proxy signature, and any intelligent medical equipment main body in the main body group cannot deny the validity of the proxy signature passing the verification;
and S400, storing the validated medical data in an open blockchain account book in a transaction form.
Preferably, proxy authorization refers to: before the main group of the intelligent medical equipment signs the generated medical data, selecting an agent signer representing the whole main group of the intelligent medical equipment, carrying out agent authorization on the agent signer and issuing an agent certificate;
the signature of the medical data refers to: the agent signer generates an agent public key and an agent private key by using the agent certificate, publishes the agent public key, and signs the medical data information by using the agent private key to generate the medical data signature;
the verification of the medical data means: the verifier verifies the validity of the medical data signature by using the public proxy public key; the signature is a valid proxy signature through the verification; illegal agent signature which can not pass the verification is discarded;
billing of medical data refers to: and the verified and valid medical data information is recorded into the public blockchain account book in a transaction form to form an untrustworthy record.
Preferably, the main group of the smart medical device allows the new device main member to freely join, and the specific operation method is as follows:
s101: a new device main member sends registration information to a group manager of a main group to obtain a corresponding member certificate;
specifically, the new device subject member first randomly selects two secret parametersWherein the content of the first and second substances,is a bimodal gaussian distribution; secondly, calculateAndwherein, the first and the second end of the pipe are connected with each other,is the new member private key, B is the group public key; then, an expiration date and time is selectedAnd will register the informationSending to the group manager;
s102: the group manager generates a member certificate containing an expiration date and time by using the registration information of the new equipment main body member, and returns the member certificate to the new equipment main body member;
specifically, the group manager first calculates r i ←SampleD(S A ,A,qz i ,σ 2 ),Token i =A·r i Andwherein S is A Is the group master key, A is the group public key, q and σ 2 Is a system parameter; secondly, randomly selecting a parameter a epsilon {0,1} n And calculateThe group administrator then publishes registration information for the new device principal memberAnd member certificate
Preferably, the main group of the smart medical device authorizes the proxy authority of a group member, and the method for proxy signing the medical data on behalf of the main group comprises:
s201: a group manager randomly generates a proxy certificate and sends the proxy certificate to a proxy signer;
specifically, the group manager randomly selects a parameterAnd a random bit b e {0,1} n (ii) a Secondly, calculateAndthen sends the proxy certificateSending to the agent signer;
s202: the proxy signer generates a proxy public and private key for signature by using the received proxy certificate;
specifically, the proxy signer first verifies the validity of the proxy certificate if the parameters in the proxy certificateSatisfy the requirement ofAndor parametersSatisfy the requirement ofAndif the proxy is unsuccessful, proxy authorization needs to be carried out again; if the parameter isAndmeet the above requirements, andandif both are true, the proxy authorization is successful; then, the proxy signer calculates M ← H 1 (W A→B ),A P =U i *M T Andwherein, A P Representative proxy public key, S P A proxy private key;
s203: the agent signer signs the message to be signed by using the generated agent public and private key;
specifically, the proxy signer first verifies whether the signature deadline and time are metSecondly, calculateAnd randomly selecting a parameter b epsilon {0,1} n CalculatingThen, the signature of the message m is published
Preferably, the method for the verifier to verify the validity of the proxy signature includes:
s301: verifying the validity of the signature by the verifier;
specifically, the verifier first verifies whether the signature term and time satisfy t v <t s Andwherein, t v Is the current signature verification time; secondly, the signed message is verified, if signature e i Satisfy | | | e i ||>T 1 And e i || ∞ >q/4, if the signature is illegal, the signature needs to be carried out again; if signature e i Meets the above requirements, andif yes, the signature is legal;
s302: verifying signature e using an opening algorithm i Signed by a proxy signer;
specifically, the verifier calculatesIf r is satisfied i ′=r i Then prove that the signature is indeed signed by the proxy signer; the opening algorithm is executed to determine which member of the device main body group the signature is when the information of the signer is required to be determined under special conditions; however, in general, the verifier can only verify that the proxy signature is a legal signature of the device body group, and cannot determine which bit of the group the proxy signature is, thereby protecting the privacy and security of the signer.
A medical data cross-device anonymous verification device based on a blockchain comprises a data collection module, an agent authorization module, a data signature module and a data verification module;
the data collection module is used for collecting electronic health records by the intelligent medical equipment through monitoring and collecting the medical data reflecting the health condition of the patient;
the agent authorization module is used for selecting the agent signer from the main body group of the intelligent medical equipment, authorizing the agent signer and issuing the agent certificate;
the data signature module is used for generating an agent public key and an agent private key by the agent signer by utilizing the agent certificate, signing the medical data information by using the agent public key and disclosing the agent public key;
and the data verification module is used for verifying the validity of the medical data proxy signature by the verifier by using the public proxy public key.
A computer device comprising a computer readable storage medium and a processor, the computer readable storage medium and the processor load and execute a blockchain-based medical data anonymity verification method.
Preferably, the computer readable storage medium has stored therein a computer program comprising program instructions which are loaded by a processor and execute a method for anonymous verification of medical data based on blockchains.
Compared with the prior art, the invention has the following beneficial effects: the medical data multi-device main body anonymous verification model based on the block chain is established, and a single member can sign on behalf of a device main body group, so that the complexity of implementing signature by the multi-device main bodies one by one is effectively reduced; the proxy signature is a signature of the whole group, and specific signer information cannot be determined, so that the privacy and the safety of the proxy signer are effectively protected; any member of the group cannot deny the validity of a legal proxy signature; the verified and legal medical data are recorded in the public block chain account book, so that the storage safety and the anti-tampering capability of the data are improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a flow chart of the present invention;
FIG. 2 illustrates an intelligent medical device and a group of subjects according to the present invention;
FIG. 3 is a flow chart of anonymous verification of medical data based on blockchain according to the present invention;
fig. 4 is a block diagram of a medical data anonymity verifying device of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without any inventive step, are within the scope of the present invention.
Embodiment 1, as shown in fig. 1, a block chain-based medical data cross-device anonymous verification method includes:
s100, forming medical data reflecting the health condition of a patient by using electronic health records acquired by different intelligent medical equipment; the smart medical device comprises a wearable medical device of an individual, such as a health bracelet, an intelligent sleep system, a skin sensor, and the like; household intelligent detection instruments such as a sphygmomanometer, a blood glucose meter, a blood lipid detector and the like; and also various intelligent medical devices such as intelligent image analysis in medical institutions.
The electronic health records collected by different intelligent medical equipment comprise the blood pressure, the blood oxygen, the heart rate and the like monitored by the patient in daily life, and also comprise various electronic health records and the like obtained by different detections in medical institutions, so that the medical data reflecting the health condition of the patient are formed.
The medical data pertains to the patient's personal data assets, and the patient can authorize medical review of the medical data at the time of visit to assist in diagnosis. Meanwhile, the patient can also choose to share own medical data in a public medical system on the premise of hiding personal privacy information, and the medical data are recorded in a public block chain account book for inquiry and use.
S200, authorizing the proxy authority of a group member by a main body group of the intelligent medical equipment, and carrying out proxy signature on the medical data on behalf of the main body group; wherein, the proxy authorization means: before the main group of the intelligent medical equipment signs the generated medical data, an agent signer representing the whole main group of the intelligent medical equipment is selected, and agent authorization is carried out on the agent signer to issue an agent certificate. The signature of the medical data refers to: and the proxy signer generates a proxy public key and a proxy private key by using the proxy certificate, publishes the proxy public key, signs the medical data information by using the proxy private key and generates the medical data signature.
S300, the verifier carries out validity verification on the proxy signature, and any intelligent medical equipment main body in the main body group cannot deny the validity of the proxy signature passing the verification; wherein, the verification of the medical data means: the verifier verifies the validity of the medical data signature by using the public agency key; the effective agent signature is obtained through the verification; illegal agents that fail the verification are signed and discarded.
And S400, storing the validated medical data in a public blockchain account book in a transaction form to form a record which can not be tampered. Billing of medical data refers to: and the verified and valid medical data information is recorded into the public blockchain account book in a transaction form to form a non-falsifiable record.
As shown in fig. 2, the intelligent medical device and the main group of the intelligent medical device are composed of the intelligent medical device owned by the patient and used for collecting the daily electronic health record of the individual, the credible intelligent medical device in the medical institution such as the hospital, and the like, and the main group of the intelligent medical device related to the generation of the medical data of the patient. The main group of the intelligent medical equipment is a group formed by owners or operators of the intelligent medical equipment, and the main group of the intelligent medical equipment is not only responsible for data acquisition, but also participates in the verification process of medical data in the system.
The agent signer is one member of the main group of the intelligent medical equipment and represents an agent signing the medical data of the main group of the intelligent medical equipment.
The signature verifier is a person who verifies the medical data proxy signature and is responsible for judging the validity of the proxy signature.
The block chain account book is used for recording the medical data information which is verified to be legal, and storing operation record information such as storage, use and the like of the medical data.
Based on the intelligent medical device and the subject group described in fig. 2, fig. 3 shows a block chain-based anonymous authentication process for medical data. Firstly, the main group of the intelligent medical equipment allows a new member to freely join, and the new equipment main body enters the existing group through the joining mechanism; secondly, the equipment main body group selects a proxy signer to sign on behalf of the group; then, the proxy signer generates a proxy public and private key by using the proxy certificate and signs the medical data by using the private key; and finally, verifying the signed transaction information, and uploading the signed transaction information to a block chain account book if the transaction information is verified to be legal.
The new equipment main body member is registered as one member of the main body group of the intelligent medical equipment, and the specific operation process is as follows:
s101: the new equipment main body member sends a registration message to the group manager of the main body group to obtain a corresponding member certificate;
specifically, the new device principal member first randomly selects two secret parametersWherein the content of the first and second substances,is a bimodal gaussian distribution; secondly, calculateAndwherein the content of the first and second substances,is the new member private key, B is the group public key; then, an expiration date and time is selectedAnd will register the informationAnd sending the information to the group manager.
S102: the group manager generates a member certificate containing an expiration date and time by using the registration information of the new equipment main body member, and returns the member certificate to the new equipment main body member;
specifically, the group manager first calculates r i ←SampleD(S A ,A,qz i ,σ 2 ),Token i =A·r i Andwherein S is A Is the group master key, A is the group public key, q and σ 2 Is a system parameter; secondly, randomly selecting a parameter a epsilon {0,1} n And calculateThen, group managementThe publisher publishes registration information of new device principal membersAnd member certificate
The intelligent medical device group selects one member as a proxy signer, and performs signature on the group representative by authorizing the proxy.
The specific operation process is as follows:
s201: the group manager randomly generates a proxy certificate and sends the proxy certificate to the proxy signer;
specifically, the group manager randomly selects a parameterAnd a random bit b e {0,1} n (ii) a Secondly, calculateAndthen sends the proxy certificateTo the agent signer.
S202: the proxy signer generates a proxy public and private key for signature by using the received proxy certificate;
specifically, the proxy signer first verifies the validity of the proxy certificate if the parameters in the proxy certificateSatisfy the requirements ofAndor parametersSatisfy the requirement ofAndif the proxy is unsuccessful, proxy authorization needs to be carried out again; if the parameter isAndmeets the above requirements, andandif both are true, the proxy authorization is successful; then, the proxy signer calculates M ← H 1 (W A→B ),A P =U i *M T Andwherein A is P Representative proxy public key, S P Representing the proxy private key.
S203: the agent signer signs the message to be signed by using the generated agent public and private key;
specifically, the proxy signer first verifies whether the signature duration and time are satisfiedSecondly, calculateAnd randomly selecting a parameter b epsilon {0,1} n CalculatingThen, the signature of the message m is published
And the verifier verifies the validity of the proxy signature by using information such as a system public key, a proxy public key and the like.
The specific operation process is as follows:
s301: verifying the validity of the signature by the verifier;
specifically, the verifier first verifies whether the signature term and time satisfy t v <t s Andwherein, t v Is the current signature verification time; secondly, the signed message is verified, if signature e i Satisfy | | | e i ||>T 1 And e i || ∞ >q/4, if the signature is illegal, the signature needs to be carried out again; if signature e i Meets the above requirements, andif so, the signature is legitimate.
S302: verifying a signature e using an opening algorithm i Is signed by a proxy signer;
specifically, the verifier calculatesIf r is satisfied i ′=r i Then the signature is proved to be signed by the proxy signer; the opening algorithm is executed to determine which member of the device main body group the signature is when the information of the signer is required to be determined under special conditions; however, in general, the verifier can only verify that the proxy signature is the legal signature of the device main body group, and cannot determine which bit of the group the proxy signature is, thereby protecting the privacy of the signerAnd (4) completing.
Embodiment 2, on the basis of the medical data anonymity verification process based on the blockchain shown in fig. 3, fig. 4 shows a medical data anonymity verification apparatus based on the blockchain, which includes a data collection module, an agent authorization module, a data signature module, and a data verification module; the electronic medical record collected by the intelligent medical equipment is signed by the representative of the equipment main body group, and then the verifier verifies the electronic medical record to form a non-falsifiable transaction record which is recorded in the block chain account book. Here, the proxy group signature can effectively protect the personal privacy information of the signers who perform the signature on behalf of the group. Meanwhile, the verifier can verify that the proxy signature is a legal signature from the group, but cannot determine which member of the group signed the proxy signature, i.e. the anonymity of the signer is guaranteed. The modules are described in detail as follows:
the data collection module, wisdom medical equipment collects the electronic health record through the monitoring, both includes the personal daily health status information that wearable wisdom medical equipment collected of patient's personal, still include the detection result information that records through other wisdom medical equipment when the patient goes to the hospital and sees a doctor to and data such as diagnostic information that the doctor given when seeing a doctor. Health data relating to the health condition of the patient are collected into an account of a device body held by the patient himself and are collected as the medical data reflecting the health condition of the patient.
And the proxy authorization module is used for deducing the proxy signer from the equipment main body group, authorizing the proxy signer and issuing the proxy certificate. The proxy authorization process is a process of determining the validity of a proxy signer, which is a member of a group, choosing a right to exercise a signature on behalf of the group of device entities, the generated signature having the effect that all group members signed together. In turn, the group member cannot deny a legitimate proxy signature signed by the proxy signer.
And the data signature module is used for generating an agent public and private key by the agent signer by utilizing the agent certificate, signing the medical data information by utilizing the agent public key and disclosing the agent public key. The proxy private key used by the proxy signer contains both personal information and group information derived from the proxy certificate. The signed medical data information signature is signed both on behalf of the individual and on behalf of the group.
And the data verification module is used for verifying the validity of the medical data proxy signature by the verifier by utilizing the public proxy public key. The verifier determines whether the proxy signature is a signature of the device principal group by verifying the validity of the signature. If the verification is passed, the transaction containing the medical data is valid, and the transaction can be registered to a block chain account book; if the verification fails, the medical data signature is illegal, a signature breaker may exist, the signature process is terminated immediately, and the verification of the piece of medical data is performed again.
Embodiment 3, a computer device comprising a computer readable storage medium and a processor, the computer readable storage medium and the processor load and execute a blockchain-based on-chain-off-chain medical data sharing method. A computer readable storage medium has stored therein a computer program comprising program instructions that are loaded by a processor and execute a blockchain based on-chain-down-chain medical data sharing method.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and should not be taken as limiting the scope of the present invention, and any modifications, equivalents, improvements and the like that are made within the spirit and scope of the present invention should be included in the present invention.
Claims (8)
1. A cross-device anonymous authentication method for medical data based on a blockchain is characterized by comprising the following steps:
s100, forming medical data reflecting the health condition of a patient by using electronic health records acquired by different intelligent medical equipment;
s200, authorizing the proxy authority of a group member by a main body group of the intelligent medical equipment, and carrying out proxy signature on the medical data on behalf of the main body group;
s300, the verifier carries out validity verification on the proxy signature, and any intelligent medical equipment main body in the main body group cannot deny the validity of the proxy signature passing the verification;
and S400, storing the validated medical data in an open blockchain account book in a transaction form.
2. The blockchain-based anonymous authentication method for medical data across devices according to claim 1, wherein the proxy authorization means: before the main group of the intelligent medical equipment signs the generated medical data, selecting an agent signer representing the whole main group of the intelligent medical equipment, carrying out agent authorization on the agent signer and issuing an agent certificate;
the signature of the medical data refers to: the agent signer generates an agent public key and an agent private key by using the agent certificate, publishes the agent public key, signs the medical data information by using the agent private key and generates the medical data signature;
the verification of the medical data means: the verifier verifies the validity of the medical data signature by using the public proxy public key; the signature is a valid proxy signature after the verification; the illegal agent signature which can not pass the verification is discarded;
billing of medical data refers to: and the verified and valid medical data information is recorded into the public blockchain account book in a transaction form to form an untrustworthy record.
3. The method for cross-device anonymous authentication of medical data based on blockchain according to claim 1 or 2, wherein the subject group of the smart medical device allows a new subject member to freely join, and the specific operation method is as follows:
s101: a new device main member sends registration information to a group manager of a main group to obtain a corresponding member certificate; in particular, the amount of the solvent to be used,the new device body member first randomly selects two secret parametersWherein the content of the first and second substances,is a bimodal gaussian distribution; secondly, calculateAndwherein, the first and the second end of the pipe are connected with each other,is the new member private key, B is the group public key; then, an expiration date and time is selectedAnd will register the informationSending to the group manager;
s102: the group manager generates a member certificate containing an expiration date and time by using the registration information of the new equipment main body member, and returns the member certificate to the new equipment main body member;
specifically, the group manager first calculates r i ←SampleD(S A ,A,qz i ,σ 2 ),Token i =A·r i Andwherein S is A Is the group master key, A is the group public key, q and σ 2 Is a system parameter; secondly, randomly selecting a parameter a epsilon {0,1} n And calculateThe group administrator then publishes registration information for the new device principal memberAnd member certificate
4. The method of claim 3, wherein the group of subjects of the smart medical device authorizes proxy authority of a group member, and proxy signing the medical data on behalf of the group of subjects comprises:
s201: the group manager randomly generates a proxy certificate and sends the proxy certificate to the proxy signer;
specifically, the group manager randomly selects a parameterAnd a random bit b e {0,1} n (ii) a Secondly, calculateAndthen sends the proxy certificateSending to the agent signer;
s202: the proxy signer generates a proxy public and private key for signing by using the received proxy certificate;
specifically, the proxy signer first verifies the validity of the proxy certificate if the parameters in the proxy certificateSatisfy the requirement ofAndor parametersSatisfy the requirement ofAndif the proxy is unsuccessful, proxy authorization needs to be carried out again; if the parameter isAndmeets the above requirements, andandif both are true, the proxy authorization is successful; then, the proxy signer calculates M ← H 1 (W A→B ),A P =U i *M T Andwherein A is P Representative proxy public key, S P A proxy private key;
s203: the agent signer signs the message to be signed by using the generated agent public and private key;
5. The method for cross-device anonymous verification of medical data based on blockchain according to claim 4, wherein the method for the verifier to legally verify the proxy signature comprises:
s301: verifying the validity of the signature by the verifier;
specifically, the verifier first verifies whether the signature term and time satisfy t v <t s Andwherein, t v Is the current signature verification time; secondly, the signed message is verified, if signature e i Satisfy | | | e i ||>T 1 And e i || ∞ >q/4, if the signature is illegal, the signature needs to be carried out again; if signature e i Meets the above requirements, andif yes, the signature is legal;
s302: verifying signature e using an opening algorithm i Is signed by a proxy signer;
specifically, the verifier calculatesIf r is satisfied i ′=r i Then the signature is certified as indeed signed by the proxy signer; the opening algorithm is executed to determine which member of the device main body group the signature is when the information of the signer is required to be determined under special conditions; however, in general, the verifier can only verify that the proxy signature is a legal signature of the device body group, and cannot determine which bit in the group the proxy signature is, thereby protecting the privacy and security of the signer.
6. The device for verifying anonymity of medical data based on block chain according to any one of claims 1 to 5, comprising a data collection module, an agent authorization module, a data signature module and a data verification module;
the data collection module is used for collecting electronic health records by the intelligent medical equipment through monitoring and collecting the medical data reflecting the health condition of the patient;
the agent authorization module is used for the main body group of the intelligent medical equipment to select the agent signer, authorize the agent signer and issue the agent certificate;
the data signature module is used for generating an agent public key and an agent private key by the agent signer by utilizing the agent certificate, signing the medical data information by using the agent public key and disclosing the agent public key;
and the data verification module is used for verifying the validity of the medical data proxy signature by the verifier by using the public proxy public key.
7. A computer device according to any of claims 1-6, comprising a computer readable storage medium and a processor, the computer readable storage medium and the processor loading and executing a blockchain based medical data anonymity verification method.
8. The blockchain-based medical data cross-device anonymous authentication method according to claim 7, wherein the computer readable storage medium has stored therein a computer program, the computer program comprising program instructions, the program instructions being loaded by the processor and executing the blockchain-based medical data anonymous authentication method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210419459.XA CN115033912B (en) | 2022-04-20 | 2022-04-20 | Medical data cross-equipment anonymous verification method, device and equipment based on blockchain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210419459.XA CN115033912B (en) | 2022-04-20 | 2022-04-20 | Medical data cross-equipment anonymous verification method, device and equipment based on blockchain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115033912A true CN115033912A (en) | 2022-09-09 |
CN115033912B CN115033912B (en) | 2023-04-25 |
Family
ID=83118986
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210419459.XA Active CN115033912B (en) | 2022-04-20 | 2022-04-20 | Medical data cross-equipment anonymous verification method, device and equipment based on blockchain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115033912B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11956223B2 (en) * | 2018-12-04 | 2024-04-09 | Journey.ai | Securing attestation using a zero-knowledge data management network |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1790981A (en) * | 2005-12-08 | 2006-06-21 | 上海交通大学 | Mobile proxy safety route method based on group signature |
CN103825882A (en) * | 2014-01-14 | 2014-05-28 | 西安电子科技大学 | High non-camouflage realization method of revocable proxy signature |
CN104703178A (en) * | 2015-03-15 | 2015-06-10 | 西安电子科技大学 | Machine type communication authenticating and key negotiating method based on group anonymous proxy |
CN107846281A (en) * | 2017-10-30 | 2018-03-27 | 上海应用技术大学 | Location-based PROXY MULTI SIGNATURE method and system |
CN109326337A (en) * | 2018-09-06 | 2019-02-12 | 西安电子科技大学 | Electronic medical record storage and shared model and method based on block chain |
CN109948367A (en) * | 2019-03-27 | 2019-06-28 | 南京星链高科技发展有限公司 | A kind of medical data authorization method based on block chain technology |
-
2022
- 2022-04-20 CN CN202210419459.XA patent/CN115033912B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1790981A (en) * | 2005-12-08 | 2006-06-21 | 上海交通大学 | Mobile proxy safety route method based on group signature |
CN103825882A (en) * | 2014-01-14 | 2014-05-28 | 西安电子科技大学 | High non-camouflage realization method of revocable proxy signature |
CN104703178A (en) * | 2015-03-15 | 2015-06-10 | 西安电子科技大学 | Machine type communication authenticating and key negotiating method based on group anonymous proxy |
CN107846281A (en) * | 2017-10-30 | 2018-03-27 | 上海应用技术大学 | Location-based PROXY MULTI SIGNATURE method and system |
CN109326337A (en) * | 2018-09-06 | 2019-02-12 | 西安电子科技大学 | Electronic medical record storage and shared model and method based on block chain |
CN109948367A (en) * | 2019-03-27 | 2019-06-28 | 南京星链高科技发展有限公司 | A kind of medical data authorization method based on block chain technology |
Non-Patent Citations (1)
Title |
---|
高阳: "信息服务实体可信标识签发及跨域认证研究" * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11956223B2 (en) * | 2018-12-04 | 2024-04-09 | Journey.ai | Securing attestation using a zero-knowledge data management network |
Also Published As
Publication number | Publication date |
---|---|
CN115033912B (en) | 2023-04-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Benil et al. | Cloud based security on outsourcing using blockchain in E-health systems | |
CN109509518A (en) | Management method, server and the computer storage medium of electronic health record | |
Amin et al. | Anonymity preserving and lightweight multimedical server authentication protocol for telecare medical information system | |
US8904181B1 (en) | System and method for secure three-party communications | |
US8275632B2 (en) | Privacy compliant consent and data access management system and methods | |
Lee et al. | Medical blockchain: Data sharing and privacy preserving of EHR based on smart contract | |
US20130061055A1 (en) | Apparatus and Methods for Providing Scalable, Dynamic, Individualized Credential Services Using Mobile Telephones | |
JP5897040B2 (en) | Secure access to emergency personal health records | |
Hathaliya et al. | Securing electronic healthcare records: A mobile-based biometric authentication approach | |
EP3534287A1 (en) | Inserting a further data block into a first ledger | |
CN110998574B (en) | Authentication terminal, authentication device, and authentication method and system using the same | |
WO2022062399A1 (en) | Blockchain network-based diagnosis method and apparatus, and blockchain network system | |
CN110211683A (en) | A kind of support vector machines medical data privacy training system based on block chain | |
Dwivedi et al. | Towards a practical healthcare information security model for healthcare institutions | |
US11514438B1 (en) | Document generation with dynamic watermarking | |
CN110600096A (en) | Medical data management method and system and computer storage medium | |
CN109741800A (en) | The method for security protection of medical data intranet and extranet interaction based on block chain technology | |
Rubio et al. | Analysis of ISO/IEEE 11073 built-in security and its potential IHE-based extensibility | |
CN112002436B (en) | Block chain-based medical question answering method, device and medium | |
CN115033912B (en) | Medical data cross-equipment anonymous verification method, device and equipment based on blockchain | |
Soni et al. | Privacy-preserving secure and low-cost medical data communication scheme for smart healthcare | |
CN101939748A (en) | Activation by trust delegation | |
Zeb et al. | U-prove based security framework for mobile device authentication in eHealth networks | |
Kalaivani et al. | A novel fuzzy based bio-key management scheme for medical data security | |
Przytarski et al. | A Blueprint for a Trustworthy Health Data Platform Encompassing IoT and Blockchain Technologies |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |